diff options
author | Harald Welte <laforge@osmocom.org> | 2021-03-04 17:59:35 +0100 |
---|---|---|
committer | Harald Welte <laforge@osmocom.org> | 2021-03-23 15:23:00 +0100 |
commit | 78fe4500482a4ecb87a40fb864b1b69684eff6c2 (patch) | |
tree | 0993bfdb5c0a9ab5c48e42d0f688b1a39908c8c0 /src/gb | |
parent | af81c77b656dff0369eadcfde006b470b50f0b53 (diff) |
gprs_ns2_sns: Verify mandatory IE presence in incoming SNS-SIZE
Change-Id: I40571e313c3332d8cead8fb4aa9768d0d083804d
Diffstat (limited to 'src/gb')
-rw-r--r-- | src/gb/gprs_ns2_sns.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/gb/gprs_ns2_sns.c b/src/gb/gprs_ns2_sns.c index f36e8d0b..b5b66770 100644 --- a/src/gb/gprs_ns2_sns.c +++ b/src/gb/gprs_ns2_sns.c @@ -2123,14 +2123,23 @@ static void ns2_sns_st_all_action_sgsn(struct osmo_fsm_inst *fi, uint32_t event, struct ns2_sns_state *gss = (struct ns2_sns_state *) fi->priv; struct tlv_parsed *tp = NULL; uint8_t flag; + uint8_t cause; OSMO_ASSERT(gss->role == GPRS_SNS_ROLE_SGSN); switch (event) { case GPRS_SNS_EV_RX_SIZE: tp = (struct tlv_parsed *) data; - if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1)) { - uint8_t cause = NS_CAUSE_MISSING_ESSENT_IE; + /* check for mandatory / conditional IEs */ + if (!TLVP_PRES_LEN(tp, NS_IE_RESET_FLAG, 1) || + !TLVP_PRES_LEN(tp, NS_IE_MAX_NR_NSVC, 2)) { + cause = NS_CAUSE_MISSING_ESSENT_IE; + ns2_tx_sns_size_ack(gss->sns_nsvc, &cause); + break; + } + if (!TLVP_PRES_LEN(tp, NS_IE_IPv4_EP_NR, 2) && + !TLVP_PRES_LEN(tp, NS_IE_IPv6_EP_NR, 2)) { + cause = NS_CAUSE_MISSING_ESSENT_IE; ns2_tx_sns_size_ack(gss->sns_nsvc, &cause); break; } |